This guy got paid $12,500 for figuring out how to delete nearly every photo on Facebook

Mark Zuckerberg has one less bug to worry about. AP Photo/Manu Fernandez Facebook has paid a security researcher $12,500 (£8,121) for uncovering a bug that allowed him to delete any person's photos or albums on the social network without that person's permission.

He tested it out with guinea pig account and was able to easily remove its photos. "OMG :D the album got deleted!" Muthiyah wrote on his site. "So I got access to delete all of your Facebook photos (photos which are public or photos I could see) :P lol :D"

When he's not exposing serious security flaws, Muthiyah is a web developer at Behindwoods, an Indian entertainment site. He lives in India.

Facebook reached out to Naked Security to clarify that the glitch would not have affected quite every photo on Facebook. It is possible to set albums to private so they can be viewed only by the uploader or an approved group of people. These would not have been affected. But if Muthiyah could find it, he could delete it. It could be used to wipe profile pictures, photos of brands and public figures, and those of people who haven't locked down their privacy settings.

Tech companies frequently give out cash bounties to security researchers who flag vulnerabilities with their software. It encourages people to try to find bugs that official developers might have missed before they are exploited.